Intercepting Filter Design Pattern in Java

The presentation-tier request handling mechanism receives many different types of requests, which require varied types of processing. Some requests are simply forwarded to the appropriate handler component, while other requests must be modified, audited, or uncompressed before being further processed.

One of the best example for Intercepting Filter Pattern is Spring Security's DelegatingFilterProxy , which will intercept the HTTP request and do the authentication check. Spring security build on chain of filters.

Let's see how the Intercepting Filter Pattern solve the problem with examples. This pattern is divided into a number of sections for simplicity like problem, forces,solution,implementation etc.

Table of contents

Problem

Forces

Solution

Explanation

Structure - Class Diagram, Sequence Diagram

Participants and Responsibilities

Implementation

Consequences

Applicability

Real world examples

References

Problem

(Problem section describes the design issues faced by the developer)

Pre-processing and post-processing of a client Web request and response are required. When a request enters a Web application, it often must pass several entrance tests prior to the main processing stage. For example,

Has the client been authenticated?

Does the client have a valid session?

Is the client's IP address from a trusted network?

Does the request path violate any constraints?

What encoding does the client use to send the data?

Do we support the browser type of the client? Some of these checks are tests, resulting in a yes or no answer that determines whether processing will continue. Other checks manipulate the incoming data stream into a form suitable for processing. You want to intercept and manipulate a request and a response before and after the request is processed.

Forces

(This section describes Lists the reasons and motivations that affect the problem and the solution. The list of forces highlights the reasons why one might choose to use the pattern and provides a justification for using the pattern)

You want centralized, common processing across requests, such as checking the data-encoding scheme of each request, logging information about each request, or compressing an outgoing response.

Solution

Use an Intercepting Filter as a pluggable filter to pre and postprocess requests and responses. A filter manager combines loosely coupled filters in a chain, delegating control to the appropriate filter. In this way, you can add, remove, and combine these filters in various ways without changing existing code.

Structure

Class Diagram

Sequence Diagram

Participants

Filter - Filter which will performs certain task prior or after execution of request by request handler.

Filter Chain - Filter Chain carries multiple filters and help to execute them in defined order on target.

Standard Filter Strategy

The servlet 2.3 specification includes a standard mechanism for building filter chains and unobtrusively adding and removing filters from those chains.

Filters are built around interfaces, and added or removed in a declarative manner by modifying the deployment descriptor for a Web application.

javax.servlet.Filter(interface)

A filter is an object that performs filtering tasks on either the request to a resource (a servlet or static content), or on the response from a resource, or both. Filters perform filtering in the doFilter method.

Every Filter has access to a FilterConfig object from which it can obtain its initialization parameters, a reference to the ServletContext which it can use, for example, to load resources needed for filtering tasks.

Filters are configured in the deployment descriptor of a web application.

Examples that have been identified for this design are

Authentication Filters

Logging and Auditing Filters

Image conversion Filters

Data compression Filters

Encryption Filters

Tokenizing Filters

Filters that trigger resource access events

XSL/T filters

Mime-type chain Filter

javax.servlet.FilterChain(interface)

A FilterChain is an object provided by the servlet container to the developer giving a view into the invocation chain of a filtered request for a resource.
Filters use the FilterChain to invoke the next filter in the chain, or if the calling filter is the last filter in the chain, to invoke the resource at the end of the chain.

Examples

Our example for this strategy will be to create a filter that preprocesses requests of any encoding type such that each request may be handled similarly in our core request handling code. Why might this be necessary? HTML forms that include a file upload use a different encoding type than that of most forms.

Thus, form data that accompanies the upload is not available via simplegetParameter()invocations. So, we create two filters that preprocess requests, translating all encoding types into a single consistent format. The format we choose is to have all form data available as request attributes.